libfreetype CVE FYI
Ken Brown
kbrown@cornell.edu
Wed Oct 21 21:20:24 GMT 2020
On 10/21/2020 1:03 PM, Achim Gratz wrote:
> Ken Brown via Cygwin-apps writes:
>>> https://sourceforge.net/projects/freetype/files/freetype2/2.10.4/
>>
>> Thanks, Brian. I'll update it.
>
> Did you intend to release this security / minor version update as a test
> release? It would seem more prudent to just update the package or do
> you expect problems?
I did that because Fedora is still on 2.10.2, and I generally try to avoid
getting ahead of Fedora on package releases. That's because (a) the Fedora
maintainers are more knowledgeable than I am about many of the packages that I
maintain, and (b) the update will get much more testing once Fedora releases it.
That said, I agree that a security update should get high priority. So I'll
wait a few more days for Fedora, and then I'll go ahead and promote the test
release to "current", regardless of what Fedora does.
Ken
More information about the Cygwin-apps
mailing list